MBRCGI Websites
|
Ibtekr.org
|
MBRCGI.gov.ae
|
UAE Innovates
|
Edge of Government
|
Pitch@Gov

Using behavioural science to enhance cyber security in New Zealand

9 minute read
In response to national concerns about cyber security, the New Zealand government launched a campaign to lead people's behavioural change and enable them to protect themselves online, based on scientific research that analysed citizens' actions and motivations and suggested ways to change them.
Share this content

Add to Favorite ♡ 0

In response to national concerns about cyber security, the New Zealand government launched a campaign to lead people's behavioural change and enable them to protect themselves online, based on scientific research that analysed citizens' actions and motivations and suggested ways to change them.

Although technology has brought benefits, it has also brought many risks. As any other invention, it has found those who misuse and harness it for illegal or immoral purposes, and it has become necessary for any country that aspires to take advantage of it to be ready to meet its own risks.

Statistics indicate that more than 80% of cyber security breaches in the last year were due to a human element, including unintentional errors and organised campaigns that may be carried out by cyber criminals, hostile nation states and other malicious actors have access to sophisticated technology. Such hackers use machine learning techniques, artificial intelligence, voice messages, deep fakes, ransomware and many more.

These attacks in New Zealand raise serious concerns, as they can cripple vital processes, affect people's lives, destroy institutions and companies and threaten the future of governments. The worst is that the likelihood of these attacks is increasing steadily due to the reality imposed by the COVID-19 pandemic, as the individual spends most of the day online and communicates with the outside world through dozens of accounts on various websites and platforms.

Numerically, New Zealanders lost nearly US $6 million during the third quarter of 2022, and New Zealand’s National Cyber Security Center (NCSC) has announced that an IT managed service provider suffered a cyber-attack, compromising access to its data and systems. Those affected by the cyber security incident included vital government institutions like hospitals, where the attack compromised patient data and interrupted monitoring for cancer patients.

The New Zealand government has adopted a comprehensive cyber security strategy focusing on 4 aspects, namely capacity-building in this area, establishing an active and flexible system, adopting a proactive approach to cybercrime and spreading a culture of cyber security among citizens.

Cyber security requires an antivirus software and hardware, but what’s important is human behaviour. The New Zealand government focused on citizens and made it its goal to equip them with the skills necessary to avoid cyberattacks.

Work began with an extensive research and study campaign conducted by the New Zealand government’s computer emergency response team to design solutions based on its outputs. The research showed that the largest percentage of cybercrime occurs as a result of hacking accounts with weak passwords. Accordingly, the focus was on the science of human behaviours, which are extremely complex and affected by social, environmental, economic, intellectual and neurological factors, and the list goes on.

Scientists attribute many of our behaviours to "cognitive biases," which can be described as systematic errors in thinking that occur when we perceive what is going on around us and interpret it according to past experiences or judgments. Cognitive biases are our brain’s mental short cuts as they guide our decision making and influence our behaviour without us even being consciously aware they are doing so.

Based on this, the team designed a cyber security campaign that takes advantage of cognitive biases, which might help people and attempts to modify those that hinder it. This is what the researchers call “Make it human”, a concept that means using behavioural ‘nudges’ to encourage better cyber practices.

The #BigPasswordEnergy campaign was launched in 2022 with a message that the protection of cyber security is not limited to specialists, but rather affects everyone who uses technological products. The campaign used photos of everyday folks rather than men in suits using advanced computers. This can subconsciously motivate people to act and encourage those with low cyber confidence to take active steps. The campaign also sought to reframe passwords to passphrases. The perception of ease around passphrases was much higher, and people are more likely to act when concepts are framed in simpler ways. Hence, trendy ads around the streets of New Zealand and on the Internet have nudged New Zealanders to adopt stronger passwords that couldn’t be hacked.

New Zealand’s Computer Emergency Report Team (CERT NZ) and The Research Agency have produced Cyber Change – a book of behaviour change techniques aimed at prompting positive cyber security actions. The guide was created for New Zealanders, and government and industry agencies who are working in the area of online security. Its purpose is to share insights about how to improve the effectiveness of cyber security interventions.

It is worth noting that the New Zealand government drew a lot from the Estonian government’s cyber education modelstarting with children in the kindergarten, through adolescents, youth, and adults, and not ending with the elderly.

Behavioural science plays a pivotal role in understanding social phenomena and designing more effective solutions. In New Zealand's experience, awareness campaigns can motivate people to act and build their confidence and knowledge to be the key actors in protecting themselves and their government.

References:

https://dpmc.govt.nz/sites/default/files/2019-07/Cyber%20Security%20Strategy.pdf
https://govinsider.asia/intl-en/article/BIG-PASSWORD-ENERGY-New-Zealand-uses-behavioural-insights-to-drive-cyber-hygiene
https://www.cert.govt.nz/assets/resources/cert-nz-cyber-change-behavioural-insights-2022-online-version.pdf
https://www.weforum.org/agenda/2022/11/how-user-experience-and-behavioural-science-can-guide-smart-cybersecurity/
https://www.dataguidance.com/news/new-zealand-cert-nz-issues-cyber-change-guide
https://www.cshub.com/attacks/news/new-zealand-government-compromised-in-third-party-cyber-attack
https://www.ncsc.govt.nz/news/response-to-managed-service-provider-cyber-security-incident/
https://www.nzherald.co.nz/business/a-mole-map-interrupted-as-cyberattack-barrage-continues/AJUZVU3D3RBSFKBPQJ4KWZXDZQ/
https://www.cert.govt.nz/individuals/news-and-events/scammers-using-sophisticated-attacks-against-new-zealanders/

Subscribe to Ibtekr to stay updated on the latest government initiatives, courses, tools and innovations
Register Now
Subscribe to Ibtekr’s Newsletter
Innovators’ Mailing List
Our newsletter reaches more than 30,000 innovators from around the world! Stay up to date with innovations from across fields of practice in the public sector.
Subscription Form (en)
More from Ibtekr

Transforming Urban Freight: Pioneering Sustainable Solutions for Greener Cities

In response to the growing environmental concerns associated with urban freight, cities, including Rosario, Bogotá, Kochi, Shimla, and Panaji, are proactively engaging in initiatives involving smart technology, forward-thinking urban planning, the promotion of sustainable practices, strategic policy development, and the cultivation of collaborations with the private sector. These collective endeavors are geared toward shaping a more sustainable future.

 · · 5 June 2024

Philippines Takes on Circular Economy Measures to Tackle Plastic Waste

The Philippines is facing a serious pollution crisis due to plastic waste that threatens its seas, tourism, and the livelihoods of its people. With the support of international organizations, programs have been developed to collect and recycle plastic bottles, and mobile centers have been deployed to receive waste from residents in exchange for incentives that encourage them to adopt a circular economy approach.

 · · 5 June 2024

Canadian City Determined to Reduce Food Waste

To address the interplay between climate change and food waste, the Canadian region of Guelph-Wellington has launched two initiatives to establish circularity in the overall system. Through diverse initiatives such as transforming food waste into valuable resources, recycling, banning the burial of organic waste, and enhancing collaboration for effective management.

 · · 5 June 2024

Managing Water Crisis: Lessons from Cape Town's Drought Experience

Extensive efforts are made by big cities to plan and invest in ensuring the provision of the most crucial natural resource, which is water, especially in the face of climate change challenges that can adversely affect the availability of water in urban areas in two ways. It exacerbates water scarcity and contributes to accelerating population growth in cities due to the increasing migration of rural residents to cities, as environmental conditions suitable for agriculture decline in certain areas. In this context, Cape Town stands as a prominent case worthy of study in facing this challenge.

 · · 8 May 2024

Early Warning Systems: Lessons from Japan and China for Resilience against Natural Disasters

With the increasing intensity and frequency of natural disasters worldwide over the past few decades, particularly those directly linked to climate change, the United Nations has launched the "Early Warning for All" initiative as a framework to ensure the protection of every individual through the deployment of early warning systems by the end of 2027. As efforts converge on formulating plans and addressing the significant challenges that this initiative will face, there are innovative and advanced experiences that have proven successful in both Japan and China in this field. These experiences can contribute to designing global early warning strategies and systems, further supporting the United Nations initiative or similar initiatives with best practices.

 · · 8 May 2024
1 2 3 80
magnifiercrossmenuchevron-down